const async = require('async');
const mysql = require('../../utils/db').mysql;
const md5 = require('md5');
exports.page = function(req, res, next){
    const userInfo = req.session.userInfo;
    res.render('admin/changePw', {
        userInfo: userInfo,
        channel: {
            type: 'manage-user',
            index: 1
        }
    });
}
exports.changePw = function(req, res, next){
    const passwd = md5(req.body.passwd);
    const id = req.body.id;
    const userInfo = req.session.userInfo;
    if(!id){
        res.send({
            code: 400,
            msg: '用户ID为空'
        });
        return;
    }
    if(userInfo.userId != id){
        res.send({
            code: 400,
            msg: '用户ID错误'
        })
        return;
    }
    async.auto({
        oldPw: function(callback){
            const queryStr = 'SELECT * FROM adminuser WHERE id="' +　id + '"';
            mysql.getConnection(function(err, conn) {
                conn.query(queryStr, function (err, result) {
                    if (err) {

                    }
                    if (result[0]) {
                        if (result[0].passwd == passwd) {
                            callback(null, {
                                code: 200,
                                msg: '旧密码匹配成功'
                            })
                        } else {
                            res.send({
                                code: 401,
                                msg: '旧密码错误'
                            });
                            return;
                        }
                    } else {
                        res.send({
                            code: 400,
                            msg: '修改失败，没有该用户'
                        });
                        return;
                    }
                    mysql.releaseConnection(conn);
                });
            })
        },
        newPw: ['oldPw', function(obj, callback){
            if(obj.oldPw.code == 200){
                const data = {
                    passwd: md5(req.body.newPasswd)
                };
                const queryStr = 'UPDATE adminuser SET passwd=? WHERE id="' + id + '"';
                const valueArr = [data.passwd];
                mysql.getConnection(function(err, conn) {
                    conn.query(queryStr, valueArr, function (err, result) {
                        if (err) {
                            res.send({
                                code: 400,
                                msg: '更新失败'
                            });
                            return;
                        } else {
                            callback(null, {
                                code: 200,
                                msg: '更新成功'
                            })
                        }
                        mysql.releaseConnection(conn);
                    })
                })
            }else{
                res.send({
                    code: 400,
                    msg: '修改失败'
                })
                return;
            }
        }]
    }, function(err, results){
        res.send({
            code: 200,
            msg: '修改密码成功'
        });
    })
}